Closed TruthWithLove closed 6 years ago
Also, guidance on how to trap and log the errors would be ideal. (How would I handle tracing this in production?)
Hi @ZeroPKI, it would be great to have the logs from the app. On localhost you can check the logs in Visual Studio. In a published app on Azure you can use the Diagnostic logs feature of Web Apps. To check what the tokens are doing between login.microsoftonline.com and your app, you can use Fiddler, for example.
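As an added example (not from the sample project or from any participant in this thread), one way to trap and log failed sign-ins inside the app is to wrap the OpenID Connect failure events. It assumes the handler is registered under the default `OpenIdConnectDefaults.AuthenticationScheme`; `AddOidcFailureLogging` and the `OidcSignIn` logger category are hypothetical names.

```csharp
using System;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;

public static class OidcFailureLoggingExtensions
{
    // Hypothetical helper: call it in ConfigureServices after AddAzureAd(...).
    // PostConfigure runs after the app's own options setup, so handlers that
    // are already registered are kept and still run after the log call.
    public static IServiceCollection AddOidcFailureLogging(this IServiceCollection services)
    {
        services.PostConfigure<OpenIdConnectOptions>(
            OpenIdConnectDefaults.AuthenticationScheme, // assumed scheme name
            options =>
            {
                // Raised when the sign-in response carries an error or cannot
                // be validated (for example a correlation or state mismatch).
                var previousRemoteFailure = options.Events.OnRemoteFailure;
                options.Events.OnRemoteFailure = context =>
                {
                    Log(context.HttpContext.RequestServices, context.Failure, "remote failure");
                    return previousRemoteFailure(context);
                };

                // Raised when an exception is thrown while processing the
                // OpenID Connect message (token validation, code redemption).
                var previousAuthFailed = options.Events.OnAuthenticationFailed;
                options.Events.OnAuthenticationFailed = context =>
                {
                    Log(context.HttpContext.RequestServices, context.Exception, "authentication failed");
                    return previousAuthFailed(context);
                };
            });
        return services;
    }

    private static void Log(IServiceProvider provider, Exception error, string stage)
    {
        // Log the exception only: never write the id_token, the authorization
        // code or the client secret to the log.
        provider.GetRequiredService<ILoggerFactory>()
                .CreateLogger("OidcSignIn")
                .LogError(error, "OpenID Connect {Stage}", stage);
    }
}
```

The entries go to whichever logging providers the app has configured.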
I have been able to update this project to .NET Core 2.1 so it is possible. If I compare my update with the 2.0 version I see one difference in StartUp.ConfigureServices. The 2.0 code looks like this:
```csharp
public void ConfigureServices(IServiceCollection services)
{
    services.AddAuthentication(sharedOptions =>
    {
        sharedOptions.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        sharedOptions.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        sharedOptions.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
    })
    .AddAzureAd(options => Configuration.Bind("AzureAd", options))
    .AddCookie();

    services.AddMvc();

    // This sample uses an in-memory cache for tokens and subscriptions. Production apps will typically use some method of persistent storage.
    services.AddMemoryCache();
    services.AddSession();

    // Add application services.
    //services.AddSingleton<IConfiguration>(Configuration);
    services.AddSingleton<IGraphAuthProvider, GraphAuthProvider>();
    services.AddTransient<IGraphSdkHelper, GraphSdkHelper>();
}
```
And my updated version to 2.1 looks like this:
```csharp
public void ConfigureServices(IServiceCollection services)
{
    services.AddAuthentication(sharedOptions =>
    {
        sharedOptions.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        sharedOptions.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        sharedOptions.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
    })
    .AddAzureAd(options => Configuration.Bind("AzureAd", options))
    .AddCookie();

    services.Configure<CookiePolicyOptions>(options =>
    {
        // This lambda determines whether user consent for non-essential cookies is needed for a given request.
        options.CheckConsentNeeded = context => true;
        options.MinimumSameSitePolicy = SameSiteMode.None;
    });

    //services.AddAuthentication(AzureADDefaults.AuthenticationScheme)
    //    .AddAzureAD(options => Configuration.Bind("AzureAd", options));

    services.AddMvc(options =>
    {
        var policy = new AuthorizationPolicyBuilder()
            .RequireAuthenticatedUser()
            .Build();
        options.Filters.Add(new AuthorizeFilter(policy));
    })
    .SetCompatibilityVersion(CompatibilityVersion.Version_2_1);

    // This sample uses an in-memory cache for tokens and subscriptions. Production apps will typically use some method of persistent storage.
    services.AddMemoryCache();
    services.AddSession();

    // Add application services.
    //services.AddSingleton<IConfiguration>(Configuration);
    services.AddSingleton<IGraphAuthProvider, GraphAuthProvider>();
    services.AddTransient<IGraphSdkHelper, GraphSdkHelper>();
}
```
Maybe that helps a bit. Otherwise I see no significant changes to the code.
@pekspro pull requests are welcomed! 😉
@mark-szabo, OK :-) I created PR #22
Worked for me, thanks @pekspro !
Merged #22
Not sure if this is the right way to ask for help, but I could use a hand.
I have a project located at https://github.com/ZeroPKI/OAuthGateway where I have a fork of this project up and running, and a second project running .NET Core 2.1.
Anytime MSAL returns the authentication, it results in an error. Live demo here: https://us-sw-zeropki-oauthgateway.azurewebsites.net/
I've compared each project line-by-line, and even upgraded this sample up to ASP.NET Core 2.1, and replaced the ASPNET.ALL library with ASPNET.NET. Any assistance or guidance is appreciated.